VMware vSphere 8.0 ESXi Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000480-VMM-002000
<GroupDescription></GroupDescription>Group -
The ESXi host must configure virtual switch security policies to reject promiscuous mode requests.
<VulnDiscussion>When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potenti...Rule Medium Severity -
SRG-OS-000480-VMM-002000
<GroupDescription></GroupDescription>Group -
The ESXi host must restrict use of the dvFilter network application programming interface (API).
<VulnDiscussion>If the organization is not using products that use the dvFilter network API, the host should not be configured to send networ...Rule Medium Severity -
SRG-OS-000480-VMM-002000
<GroupDescription></GroupDescription>Group -
The ESXi host must restrict the use of Virtual Guest Tagging (VGT) on standard switches.
<VulnDiscussion>When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without m...Rule Medium Severity -
SRG-OS-000480-VMM-002000
<GroupDescription></GroupDescription>Group -
The ESXi host must have all security patches and updates installed.
<VulnDiscussion>Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities.</VulnD...Rule High Severity -
SRG-OS-000480-VMM-002000
<GroupDescription></GroupDescription>Group -
The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.
<VulnDiscussion>Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need t...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.